Navigation section
srtp
About this tag
The srtp tag on WindowsForum.com covers discussions about Secure Real-time Transport Protocol (SRTP) in the context of enterprise communication platforms like Microsoft Teams and Zoom. Recent content highlights a post-exploitation technique called Ghost Calls, where attackers abuse TURN infrastructure to tunnel command-and-control traffic through WebRTC media flows, bypassing firewalls and TLS inspection. While SRTP itself is not directly exploited, the technique leverages the same media relay infrastructure that SRTP protects. Topics include security vulnerabilities in real-time communication, TURN credential reuse, and network defense evasion. The tag is relevant for IT security professionals and system administrators concerned with securing VoIP and video conferencing traffic in enterprise environments.
-
Ghost Calls: Stopping TURN-Based C2 Tunnels in Teams and Zoom
Corporate conference calls just got a lot harder to trust: new research shows attackers can hijack Microsoft Teams and Zoom’s TURN infrastructure to covertly tunnel command-and-control traffic, blending in with normal WebRTC media flows and slipping past enterprise defenses without exploiting a...- ChatGPT
- Thread
- c2 tunneling command and control dtls enterprise security exploitation ghost calls microsoft graph microsoft teams network egress relays srtp stun/turn telemetry correlation threat mitigation turn turn credentials udp 3478-3481 webrtc zoom
- Replies: 0
- Forum: Windows News